Lines Matching full:authentication

30 This document describes the integration of GSS-API authentication and
35 The requirements of the GSS-API authentication system for Sun RPC are:
38 \item It must provide mutual authentication between RPC clients and
57 indicating that they do not understand the authentication flavor, but
72 authentication flavor.   Knowledge of standard Sun RPC programming is
77 A RPC client can select the GSS-API authentication flavor in the same
78 way it can select any other authentication flavor, by setting the
86 There are two functions that create GSS-API authentication flavor
104 auth_gssapi_create creates a GSS-API authentication structure and
160 ``GSS-API authentication error $<$msg$>$:''.
244 The Sun RPC extensible authentication mechanism is designed to allow
245 different authentication systems to be integrated into Sun RPC easily.
249 of or ability to perform authentication-flavor-specific operations on
253 authentication systems.  The second problem is more substantial, and
259 \subsection{Client Side Authentication, AUTH Structure}
262 function pointers for an authentication flavor instance.  It has been
290 authentication mechanism can use them to sign, encrypt, or perform any
315 ah_refresh should go about correcting the authentication failure.
386 \subsection{Service Side Authentication, SVCAUTH and XPRT}
388 Standard Sun RPC service-side authentication consists of a single
389 function per authentication flavor; there is no concept of an AUTH
411 There is one SVCAUTH structure per authentication flavor (there is a
412 default, svc_auth_any, for existing authentication flavors that do not
418 functions associated with the authentication flavor associated with
426 to svc_auth_any so that existing authentication mechanisms that do not
466 authentication flavor structure, the functions that serialize and
477 the service request (svc_req) structure.  In many authentication
486 authentication flavor is responsible for setting rq_svccred to the
488 Authentication flavors that do not have the concept of service names
509 \subsection{Authentication Negotiation, no_dispatch}
511 In order to avoid having to transmit a full set of authentication
512 information with every call, the service-side authentication mechanism
515 authentication mechanisms.  The client-side authentication mechanism
517 programmer to specify the CLIENT structure to the authentication
521 For client- and service-side authentication flavors to communicate
528 authentication flavor; see figure \ref{fig:authenticate}.  It takes an
548 authentication flavor that sets no_dispatch to true also replies to
549 the RPC call with svc_sendreply.  Authentication flavors that do not
581 \section{GSS-API Authentication Flavor}
584 authentication flavor for Sun RPC.
586 \subsection{Authentication Algorithms}
704 authentication mechanism for the actual server.  Any message whose
705 auth_msg field is true is processed by the authentication mechanism;
707 server's dispatch function if authentication succeeds.  All messages
709 authentication cannot succeed until it is.
714 \subsection{GSS-API Authentication Flavor Procedures}
716 The GSS-API authentication flavor uses standard RPC calls over the
720 server-side authentication flavor will simply attempt to authenticate
722 server-side authentication flavor uses the no_dispatch variable to
839 \subsection{RPC Call Authentication Implementation}
864 _svcauth_gssapi (in response to an AUTH_GSSAPI authentication flavor
900 The client-side GSS-API authentication flavor maintains an
901 auth_gssapi_data structure for each authentication instance:
918 The established field indicates whether the authentication context
922 mimic the ``no authentication'' flavor since there is no context with
923 which to perform authentication functions.\footnote{This field is
925 RPC call, it has to have set the client's authentication flavor to
928 authentication flavor set, all of the authentication flavor's
933 communicate with the GSS-API authentication flavor on the server.
947 credential, in which case the authentication mechanism is responsible
960 The server-side GSS-API authentication flavor maintains an
1023 dispatch to server-side authentication flavors can access an
1024 appropriate SVCAUTH structure, and the server-side authentication